Americas
Oceania
Sélectionnez la région / le pays / la langue
Advisory ID: 21-0002
Publish Date: 2021-02-10
Last Updated: 2021-02-10
Revision: 1.0
The Software Development Kit in Mitel MiContact Center Business could allow an unauthenticated attacker to access user data without authorization due to improper handling of tokens. Successful exploit could allow an attacker to view and modify user data, potentially impacting confidentiality of user data and integrity of the application.
Mitel is recommending customers with affected product versions, update to the latest release.
Product Name | Product Version | Security Bulletin | Last Updated |
---|---|---|---|
MiContact Center Business |
MiContact Center Business from 8.0.0.0 to 8.1.4.1 MiContact Center Business 9.0.0.0 MiContact Center Business 9.0.1.0 MiContact Center Business 9.0.2.0 MiContact Center Business 9.1.0.0 MiContact Center Business 9.1.1.0 MiContact Center Business 9.1.2.0 MiContact Center Business 9.1.3.0 MiContact Center Business 9.2.0.0 MiContact Center Business 9.2.1.0 MiContact Center Business 9.2.2.0 MiContact Center Business 9.2.3.0 MiContact Center Business 9.3.0.0 MiContact Center Business 9.3.1.0 |
21-0002-001 | 2021-02-10 |
The risk for this vulnerability is rated as High. Refer to the product Security Bulletins for additional statements regarding risk.
Mitel has issued new hotfixes for the affected software versions. Customers are advised to apply the appropriate hotfix. For more information refer to the Product Security Bulletin and review related Knowledge Base article, Mandatory Security Hot Fix for CVE-2021-3352.
Version | Date | Description |
---|---|---|
1.0 | 2021-02-10 | Initial Version |